From: Jan Beulich <jbeulich@suse.com>
Date: Mon, 7 Nov 2016 13:07:11 +0000 (+0100)
Subject: x86/traps: replace ASSERT() checking array bounds
X-Git-Tag: archive/raspbian/4.8.0-1+rpi1~1^2~115
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=4d86f9c099850d674dfb0f6877c76eb40eeaffc7;p=xen.git

x86/traps: replace ASSERT() checking array bounds

Avoid out of bounds accesses on non-debug builds.

Coverity ID: 1055744

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
Release-acked-by: Wei Liu <wei.liu2@citrix.com>
---

diff --git a/xen/arch/x86/traps.c b/xen/arch/x86/traps.c
index 63765ec5ce..822556a8e0 100644
--- a/xen/arch/x86/traps.c
+++ b/xen/arch/x86/traps.c
@@ -3764,7 +3764,11 @@ void async_exception_cleanup(struct vcpu *curr)
             if ( (curr->async_exception_mask ^
                   curr->async_exception_state(trap).old_mask) == (1 << trap) )
                 break;
-    ASSERT(trap <= VCPU_TRAP_LAST);
+    if ( unlikely(trap > VCPU_TRAP_LAST) )
+    {
+        ASSERT_UNREACHABLE();
+        return;
+    }
 
     /* Restore previous asynchronous exception mask. */
     curr->async_exception_mask = curr->async_exception_state(trap).old_mask;